Website Security News
As a website owner, it’s a good idea to be aware of the security issues that might affect your site. For example, Cross-site Scripting (XSS) attacks consist of injecting malicious client-side scripts into a website and using the website as a propagation method. You probably…
Update 11/03/2017: Read all about vulnerabilities and best practices to secure your website in our newly WordPress Security Guide today! During regular research audits for our Sucuri Firewall (WAF), we…
Read More about Stored Cross-Site Scripting Vulnerability in WordPress 4.8.1
As you might remember, we recently blogged about a critical Content Injection Vulnerability in WordPress which allowed attackers to deface vulnerable websites. While our original disclosure only described one vulnerability, we actually reported…
During regular research audits for our Sucuri Firewall (Cloud WAF), we discovered a stored XSS vulnerability affecting the WordPress Jetpack plugin, currently installed on more than a million WordPress sites….
During regular research audits of our Sucuri Firewall, we discovered a Stored XSS vulnerability affecting the bbPress plugin for WordPress which is currently installed on 300,000 live websites – one…
Question: What is an XSS vulnerability? Should I be concerned about an XSS vulnerability? XSS (short for Cross-Site Scripting) is a widespread vulnerability that affects many web applications. The danger…
During our regular research audits for our Cloud-based WAF, we discovered a Stored XSS vulnerability affecting the Magento platform that can be easily exploited remotely. We notified the Magento team…
During a routine audit for our WAF, we discovered a critical stored XSS vulnerability affecting Akismet, a popular WordPress plugin deployed by millions of installs.
Read More about Security Advisory: Stored XSS in Akismet WordPress Plugin
During a routine audit for our WAF, we discovered a critical stored XSS affecting the Jetpack WordPress plugin, one of the most popular plugins in the WordPress ecosystem. Vulnerability Disclosure…
Last week the WordPress team released a patch that fixed 6 security vulnerabilities. Of the six, you’ll find one that we identified a few months back. Vulnerability Disclosure Timeline: May…
Read More about Persistent XSS Vulnerability in WordPress Explained
If you want to keep your website safe, it is important to understand the website security terminology used to describe the causes and effects of hacks. Software vulnerabilities and access…
